Many organizations wish to permit external access to their computers and the data or software provided thereon in a secure manner. Existing mechanisms for controlling such access typically employ user credentials, such as by requiring external users to provide a recognized username and, optionally, corresponding password. The provision of such user credentials may be automated, such as by embedding the user credentials in the user's device or by using as user credentials some data (such as a sim card number in a mobile telephone) uniquely associated with the user device. However, the organization then assumes that the user's system or device that is being used to access the organization's server or its content is secure and reliable. Nevertheless, this assumption may be valid if the user's system or device is a desktop computer or the like that is located and operates within the periphery of the firewall of the organization's computer system.
More recently, however, numerous other devices (such as mobile telephones and personal digital assistants) have been provided with the capacity to access computers remotely, and are being used to access, download and cache sensitive information. Mobile devices are regarded as greatly enhancing user productivity by allowing ready access to data, but mobile device security is often inadequate and may introduce new security threats not posed by some existing fixed systems.
One security threat introduced by mobile devices arises from their size, which make such devices vulnerable to theft and loss; this makes them targets for thieves seeking to intercept confidential data. Also, many mobile devices are equipped with wireless web capabilities and hence are able to seamlessly access the internet with negligible security. Certain mobile devices can beam data (such as by infrared communication) to other comparable devices, allowing compatible mobile devices to send information and files to one another wirelessly. This potentially allows viruses to be easily exchanged between these devices owing to the lack of firewall software.
Another vulnerability arises during the synchronization of a mobile device with a desktop or comparable computer. During synchronization, a mobile device infected with a virus may transmit that virus to the computer; if that computer is networked to other computers, the virus may then be spread throughout an entire organization. Finally, mobile devices have relatively small memories, processing and battery power, and hence have limited room for existing security features.
Typically, existing approaches to ameliorating these problems address specific areas of security threats relating to mobile devices at the application level and, to some extent, at the operating system space. These approaches attempt to secure devices from various security threats faced in the data store space, data transit space or anti-virus space. However, they are ad hoc, lack standardization and cannot be universally deployed.
One specific approach includes classifying the data to be accessed according to category of sensitivity (such as of “high”, “medium” and “low” confidentiality). Access is then granted according to user identity (as described above) and each user's authorization to access the different categories of data.
Credant Technologies, Inc. (a Delaware corporation) provides a software solution whereby a report is transmitted from the mobile device to the main computer (the “server” in this scenario) containing the identity of the mobile device (the “client”), of the model of the mobile device and of the security software installed on the device. According to this approach, therefore, a client-side software module reports these characteristics to the server. However, this client software module can be “spoofed”, rendering the report untrustworthy. Also, this lookup is static; it is not possible to determine dynamically the security capabilities of the client at any time.
Further, the lookup in this approach is based on application names, giving rise to very weak binding, and there is no binding between the sensitive data and the device. Access control is, again, granted based only on the authenticated user's role.